Expert advice on cybersecurity, cybersafety and cybercrime. Using real incidents, I explain why cyber risks occur, what form they take, and how they affect cybercitizens as individuals, employees, citizens and parents. Opinions expressed in this blog represent my personal views.

Tuesday, July 31, 2012

Hosting an event like the Olympics requires a large number of security personnel to operate x-ray machines, search vehicles and stand guard at venues. For the London 2012 Olympics, over 10,000 personnel had to be recruited and trained to prevent theft, activism and unruly activity. Mobilizing an enormous workforce via temporary recruits or volunteers is an expensive affair for short events, which usually results in poor or hurried training of personnel and inadequate background checks. It is not possible to recruit well in advance due to the large numbers and the need to contain staff costs. It may be said that the temporary workforce is used more for mitigation of risks than for their removal, with the prime responsibility for security resting on the more qualified forces such as police and military, and their use of a defense-in-depth security cordon to protect athletes and people in venues.

When I read about the mysterious woman who walked alongside flag bearer Sushil Kumar in a red track top, blue pants and sneakers, smiling, waving and soaking in the moment as the Indian contingent walked the track, it indicated a brazen gate crash into what should have been considered the inner sanctum of the security perimeter.

In this case, it turned out to be a protocol breach: an overeager Indian student volunteer taking up the opportunity to walk with the team. But it also indicated a large failure of the security apparatus, volunteer training and supervision of volunteers. The same security vulnerability could have been exploited by terrorists for malicious ends.

Sunday, July 8, 2012

Thumb drives are extremely popular due to their portability, convenience and low cost. Computer users, at home or at work, cannot do without a thumb drive for sharing digital data such as files or music. Drives have become so cheap that product vendors freely distribute them at product conferences as giveaways or as repositories of digital product literature. Any digital product with a USB port and storage capacity can be converted into a digital drive. A common example would be the ubiquitous smart phone. Thumb drives have also become fashion accessories, with drives disguised as pendants and pens, making them harder to detect.

Most companies prohibit or regulate the use of USB ports and the devices that can be connected to them. The US Government has forbidden the use of such devices in Government and Defense departments post-WikiLeaks. USB drives are used in targeted attacks to compromise systems which are physically isolated from the Internet or external networks. Stuxnet, a cyber weapon which destroyed Iranian centrifuges, spread through a compromised USB drive. In a more recent case, the Indian Eastern Naval Command was infected by malware which allegedly spread through a compromised USB. According to news reports “The malware is then thought to have created a secret folder on the drives where it stored documents, and as soon as the drive was plugged into a computer connected to the web, it sent the files to specific IP addresses”.

Users of USB drives face the risk of mass malware
designed for cyber crime involving spam or financial fraud or the more targeted
variety for espionage or cyber destruction. Malware normally propagates by
copying itself onto clean drives inserted into infected computers. There is a
probability of mass infection if the drive is infected at production or when
digital data (such as product brochures) are mass copied onto several thousand
drives.

In both these cases, the common elements are a lack of security awareness or the pressure of a deadline causing individuals to override the fundamental security principle of not using third party USB drives, and an overreliance on antimalware products to detect malware. Antimalware products have limited success in instances where the malware is custom designed for select targets.

In the case of the Iranian Stuxnet infection or the Indian Naval Leaks, the key introspection point was the method by which the compromised drive entered the premises. These installations are highly secure and forbid the use of outside drives (non-registered drives); therefore the use of an unauthorized drive or the compromise of an internal drive needs detailed investigation into the human element and the motive behind it. It is an indicator that the technical methods to prevent a motivated individual from using such drives were not as restrictive as they needed to be.
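
An added example, not part of the original post: one way to audit a "registered drives only" rule is to correlate USB events in Linux kernel logs and flag every mass-storage device that is not on the register, whatever kind of product it claims to be. The log sample, the `REGISTERED` set and the function name are constructed for illustration.

```python
import re

# Constructed sample of Linux kernel log lines (not from a real incident).
SAMPLE_LOG = """\
usb 1-1: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.26
usb 1-1: SerialNumber: REG-0001
usb-storage 1-1:1.0: USB Mass Storage device detected
usb 1-2: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
usb 1-3: New USB device found, idVendor=0951, idProduct=1666, bcdDevice= 1.00
usb 1-3: SerialNumber: GIVEAWAY-7781
usb-storage 1-3:1.0: USB Mass Storage device detected
usb 1-1: USB disconnect, device number 4
usb 1-1: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.26
usb-storage 1-1:1.0: USB Mass Storage device detected
"""

# Hypothetical register of approved drives: (vendor id, product id, serial).
REGISTERED = {("0781", "5567", "REG-0001")}

FOUND = re.compile(r"usb (\S+): New USB device found, idVendor=(\w{4}), idProduct=(\w{4})")
SERIAL = re.compile(r"usb (\S+): SerialNumber: (\S+)")
STORAGE = re.compile(r"usb-storage ([^:\s]+):\S+ USB Mass Storage device detected")
GONE = re.compile(r"usb (\S+): USB disconnect")

def unregistered_storage(log, registered):
    """Return (port, vid, pid, serial) for each storage device not on the register."""
    ports, alerts = {}, []
    for line in log.splitlines():
        if m := FOUND.search(line):
            ports[m[1]] = {"vid": m[2], "pid": m[3], "serial": None}
        elif m := SERIAL.search(line):
            if m[1] in ports:
                ports[m[1]]["serial"] = m[2]
        elif m := GONE.search(line):
            ports.pop(m[1], None)  # forget state so a swapped device is re-evaluated
        elif m := STORAGE.search(line):
            dev = ports.get(m[1])
            if dev is None:  # storage seen without an enumeration record: flag it
                alerts.append((m[1], None, None, None))
                continue
            key = (dev["vid"], dev["pid"], dev["serial"])
            # A device with no serial cannot be matched to the register: flag it.
            if dev["serial"] is None or key not in registered:
                alerts.append((m[1], *key))
    return alerts
```

In the sample, the second device on port 1-1 has the same vendor and product IDs as the registered drive but reports no serial number, so it is flagged rather than trusted by model alone.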

About Me

Security author and passionate blogger @LuciusonSecurity writing on risks that affect Internet users such as cyber crime, defamation, impersonation, privacy and security. Working hard to reduce cyber risks to some of the world's largest businesses. Find me on Twitter @luciuslobo or Linkedin at http://in.linkedin.com/in/luciuslobo